Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d2c689-ec36-4edf-96f4-38995f24b1ef/1/4NQqm2CaP1fO7mDSHKIka0vd_Yo.roa
File: 4NQqm2CaP1fO7mDSHKIka0vd_Yo.roa (raw, json)
Hash identifier: Tu7Bx/wO5EQljIk9/2v/V9ugP5juwuCJKpAT/DDcqEA=
Subject key identifier: E0:D4:2A:9B:60:9A:3F:57:CE:EE:60:D2:1C:A2:24:6B:4B:DD:FD:8A
Certificate issuer: /CN=18f9194d4dd7d4b7b777c920079e401d3a2533b6
Certificate serial: 0193ABD15327555C33F784FBB716DE36B222
Authority key identifier: 18:F9:19:4D:4D:D7:D4:B7:B7:77:C9:20:07:9E:40:1D:3A:25:33:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GPkZTU3X1Le3d8kgB55AHTolM7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d2c689-ec36-4edf-96f4-38995f24b1ef/1/4NQqm2CaP1fO7mDSHKIka0vd_Yo.roa
Signing time: Mon 09 Dec 2024 14:27:22 +0000
ROA not before: Mon 09 Dec 2024 14:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213212
IP address blocks: 85.159.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:d1:53:27:55:5c:33:f7:84:fb:b7:16:de:36:b2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18f9194d4dd7d4b7b777c920079e401d3a2533b6
Validity
Not Before: Dec 9 14:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0d42a9b609a3f57ceee60d21ca2246b4bddfd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fd:be:1c:ae:c6:56:97:77:f7:55:75:ad:09:
c1:eb:3a:aa:e7:33:5e:fb:fc:24:2f:63:b4:ff:9f:
e6:36:16:bf:9b:c2:43:e1:40:62:aa:bd:8a:f3:71:
08:9b:77:df:c4:15:4a:63:39:10:84:69:b7:76:70:
ee:f7:e5:c7:8d:4a:30:55:08:68:9d:8b:66:dc:a3:
c5:b3:e0:d7:ae:c1:20:11:7e:9a:54:4f:ea:dc:bf:
5b:78:23:e2:ce:7a:db:42:20:77:bf:60:88:9e:ab:
5e:e9:d4:6f:a0:99:e4:a0:2e:15:ba:4f:3c:73:25:
3c:99:6f:01:15:c8:93:ab:01:89:57:e2:65:d7:13:
96:7f:1a:6a:fa:eb:8a:9f:b6:8f:8f:b0:52:6c:69:
8d:f0:5c:84:8f:d7:72:c1:1e:db:b3:7c:a9:a7:f8:
86:70:07:ed:ab:f2:20:be:90:46:00:84:27:40:7d:
d4:6f:7b:38:bc:7d:ac:01:64:f0:85:42:59:aa:6a:
6d:17:79:cd:a0:75:31:b7:7e:da:0b:6a:68:07:78:
cd:1b:fc:df:28:fb:05:d1:f9:40:f3:67:a6:85:89:
b7:9a:38:83:14:aa:1d:5a:08:ab:39:9b:b1:56:44:
25:63:9f:e2:c5:91:8a:98:d5:18:f2:62:9e:5b:23:
e0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D4:2A:9B:60:9A:3F:57:CE:EE:60:D2:1C:A2:24:6B:4B:DD:FD:8A
X509v3 Authority Key Identifier:
keyid:18:F9:19:4D:4D:D7:D4:B7:B7:77:C9:20:07:9E:40:1D:3A:25:33:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPkZTU3X1Le3d8kgB55AHTolM7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d2c689-ec36-4edf-96f4-38995f24b1ef/1/4NQqm2CaP1fO7mDSHKIka0vd_Yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d2c689-ec36-4edf-96f4-38995f24b1ef/1/GPkZTU3X1Le3d8kgB55AHTolM7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.117.0/24
Signature Algorithm: sha256WithRSAEncryption
66:63:51:f7:88:2d:9a:77:24:c5:49:41:5a:31:58:dd:a0:4f:
39:39:c6:5b:85:8d:73:f5:3e:81:9e:ed:a2:d7:30:4a:8d:5c:
20:07:bd:c2:d3:0b:89:bf:c3:cb:8b:0c:c9:5a:88:ad:10:93:
fb:f3:4b:02:c8:ab:29:e1:99:a4:a3:08:a4:45:cb:f1:2f:8d:
a1:49:62:29:74:15:30:da:52:2f:39:4a:4c:19:f7:ed:11:08:
47:23:7a:70:fd:1f:19:91:17:29:33:ba:b5:26:11:6e:3a:b3:
6b:24:b7:41:59:34:93:a9:6f:fd:5c:87:34:45:4a:3b:0c:e1:
62:7b:93:0d:a6:03:4c:9d:2f:00:c3:6a:63:b9:63:13:f3:ff:
0d:bf:06:2b:b9:d4:8b:2d:40:22:14:ed:78:c4:3c:e7:45:9a:
de:5c:9f:df:fa:3e:b9:63:b1:e2:3c:95:32:41:4f:47:48:86:
29:2d:49:bc:e2:9d:ed:b1:27:0f:a6:3c:b5:41:3c:95:8d:a6:
db:73:21:b9:21:f6:23:96:4a:b0:e4:4b:66:5a:c4:3f:c1:ab:
14:c1:02:e2:25:5e:30:b5:d9:d1:8d:e9:ad:56:cf:f1:81:d8:
62:c7:5d:bd:0b:ad:61:75:9e:f3:0e:63:75:25:ab:ea:8d:9d:
a2:47:d8:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOr0VMnVVwz94T7txbeNrIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZjkxOTRkNGRkN2Q0YjdiNzc3YzkyMDA3OWU0MDFkM2Ey
NTMzYjYwHhcNMjQxMjA5MTQyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGQ0MmE5YjYwOWEzZjU3Y2VlZTYwZDIxY2EyMjQ2YjRiZGRmZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxv2+HK7GVpd391V1rQnB6zqq5zNe
+/wkL2O0/5/mNha/m8JD4UBiqr2K83EIm3ffxBVKYzkQhGm3dnDu9+XHjUowVQho
nYtm3KPFs+DXrsEgEX6aVE/q3L9beCPiznrbQiB3v2CInqte6dRvoJnkoC4Vuk88
cyU8mW8BFciTqwGJV+Jl1xOWfxpq+uuKn7aPj7BSbGmN8FyEj9dywR7bs3ypp/iG
cAftq/IgvpBGAIQnQH3Ub3s4vH2sAWTwhUJZqmptF3nNoHUxt37aC2poB3jNG/zf
KPsF0flA82emhYm3mjiDFKodWgirOZuxVkQlY5/ixZGKmNUY8mKeWyPgXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODUKptgmj9Xzu5g0hyiJGtL3f2KMB8GA1UdIwQY
MBaAFBj5GU1N19S3t3fJIAeeQB06JTO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1BrWlRVM1gxTGUzZDhrZ0I1NUFIVG9sTTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMmM2ODktZWMzNi00ZWRmLTk2ZjQt
Mzg5OTVmMjRiMWVmLzEvNE5RcW0yQ2FQMWZPN21EU0hLSWthMHZkX1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMmM2ODktZWMzNi00ZWRmLTk2ZjQtMzg5OTVmMjRiMWVm
LzEvR1BrWlRVM1gxTGUzZDhrZ0I1NUFIVG9sTTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZ91MA0G
CSqGSIb3DQEBCwUAA4IBAQBmY1H3iC2adyTFSUFaMVjdoE85OcZbhY1z9T6Bnu2i
1zBKjVwgB73C0wuJv8PLiwzJWoitEJP780sCyKsp4ZmkowikRcvxL42hSWIpdBUw
2lIvOUpMGfftEQhHI3pw/R8ZkRcpM7q1JhFuOrNrJLdBWTSTqW/9XIc0RUo7DOFi
e5MNpgNMnS8Aw2pjuWMT8/8NvwYrudSLLUAiFO14xDznRZreXJ/f+j65Y7HiPJUy
QU9HSIYpLUm84p3tsScPpjy1QTyVjabbcyG5IfYjlkqw5EtmWsQ/wasUwQLiJV4w
tdnRjemtVs/xgdhix129C61hdZ7zDmN1JavqjZ2iR9hx
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:28:45 2025 by rpki-client